top of page
EC2.13
Security groups should not allow ingress from 0.0.0.0/0 to port 22
Severity
Cloud Platforms
Resources
Related Standards
Automated
HIGH
AWS
Amazon EC2
AWS CIS Foundations v1.2, AWS Foundational Technical Review, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,
YES
Security groups provide stateful filtering of ingress/egress network traffic to AWS resources. It is recommended that no security group allows unrestricted ingress access to port 22.
bottom of page